From 90e2536b27a0e2a66be49d4081d097104a6cec35 Mon Sep 17 00:00:00 2001 From: Sam Holmes Date: Tue, 13 May 2025 14:03:15 -0700 Subject: [PATCH] Fix bug confusing disable duress for disable pin-login --- CHANGELOG.md | 2 ++ src/core/account/account-api.ts | 3 +-- src/core/login/pin2.ts | 16 +++++----------- test/core/login/login.test.ts | 14 ++++++++++++++ 4 files changed, 22 insertions(+), 13 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9ffcc145..d4fa25d3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,8 @@ ## Unreleased +- fixed: Disable duress pin mistakenly disables pin-login for entire account. + ## 2.27.3 (2025-05-12) - fixed: Bug causing duress account creation from `loginWithKey` while in duress mode. diff --git a/src/core/account/account-api.ts b/src/core/account/account-api.ts index 88d38aa5..32a080d9 100644 --- a/src/core/account/account-api.ts +++ b/src/core/account/account-api.ts @@ -250,8 +250,7 @@ export function makeAccountApi(ai: ApiInput, accountId: string): EdgeAccount { // For crash errors: ai.props.log.breadcrumb('EdgeAccount.changePin', {}) // Check if we are in duress mode: - const inDuressMode = ai.props.state.clientInfo.duressEnabled - const { forDuressAccount = inDuressMode } = opts + const { forDuressAccount = false } = opts const { activeAppId } = accountState() const duressAppId = activeAppId.endsWith('.duress') ? activeAppId diff --git a/src/core/login/pin2.ts b/src/core/login/pin2.ts index 36555134..40f9926d 100644 --- a/src/core/login/pin2.ts +++ b/src/core/login/pin2.ts @@ -85,6 +85,7 @@ export async function changePin( opts: ChangePinOptions ): Promise { const accountState = ai.props.state.accounts[accountId] + const inDuressMode = ai.props.state.clientInfo.duressEnabled const { loginTree, login, sessionKey } = accountState const { username } = accountState.stashTree @@ -99,7 +100,7 @@ export async function changePin( // Deleting PIN logins while in duress account should delete PIN locally for // all nodes: - if (forDuressAccount && !enableLogin) { + if (inDuressMode && !forDuressAccount && !enableLogin) { if (pin == null) { await applyKitsTemporarily(ai, makeDeletePin2Kits(loginTree)) } else { @@ -107,14 +108,7 @@ export async function changePin( // Delete for other apps: ...makeDeletePin2Kits(loginTree, false), // Change PIN for duress app: - ...makeChangePin2Kits( - ai, - loginTree, - username, - pin, - enableLogin, - forDuressAccount - ) + ...makeChangePin2Kits(ai, loginTree, username, pin, enableLogin, true) ]) } return @@ -131,7 +125,7 @@ export async function changePin( await applyKits( ai, sessionKey, - makeDeletePin2Kits(loginTree, forDuressAccount) + makeDeletePin2Kits(loginTree, forDuressAccount || inDuressMode) ) return } @@ -142,7 +136,7 @@ export async function changePin( username, pin, enableLogin, - forDuressAccount + forDuressAccount || inDuressMode ) await applyKits(ai, sessionKey, kits) } diff --git a/test/core/login/login.test.ts b/test/core/login/login.test.ts index 8c0d4582..8b0b7774 100644 --- a/test/core/login/login.test.ts +++ b/test/core/login/login.test.ts @@ -328,6 +328,20 @@ describe('pin', function () { expect(successAccount.id).equals(duressAccount.id) }) + it('disable duress does not disable pin-login', async function () { + const world = await makeFakeEdgeWorld([fakeUser], quiet) + const context = await world.makeEdgeContext(contextOptions) + expect(context.localUsers[0].pinLoginEnabled).equals(true) + // Setup duress mode: + const account = await context.loginWithPIN(fakeUser.username, fakeUser.pin) + await account.changePin({ pin: '0000', forDuressAccount: true }) + // Disable duress mode: + await account.changePin({ + enableLogin: false, + forDuressAccount: true + }) + expect(context.localUsers[0].pinLoginEnabled).equals(true) + }) it('check', async function () { const world = await makeFakeEdgeWorld([fakeUser], quiet) const context = await world.makeEdgeContext(contextOptions)